IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Hardware & Software Remarks
____________________________________________________________________ .........................................
S 4.13 Careful allocation of identifiers
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Administrators
In UNIX systems, user IDs and group IDs of processes and files are used,
inter alia, to establish the originators of actions and to allocate rights.
Therefore, assignment of such IDs should be handled very carefully.
Every log-in name, every user ID (UID) and every group ID (GID) must be
unique. Even after deletion of a user or a group, the log-in name and the UID
or GID should not be reassigned for a certain period of time. On networked
systems, steps must be taken to ensure that it is not possible for the same user
names and IDs to be assigned elsewhere on the system more than once. This is
especially important where NFS is used due to the conversion of UIDs, in
order that no data can be read without authorisation.
Every user must be a member of at least one group. Every GID appearing in
the /etc/passwd file must be defined in the /etc/group file.
Every group should comprise only those users who are absolutely required.
This is particularly important in the case of system groups (such as root, sys,
bin, adm, news, uucp, nuucp or daemon).
Log-ins with the UID 0 (superuser) may, apart from the system administrator
root, be granted only for administrative log-ins in accordance with previously
established rules (cf. S 2.33 Division of Administrator roles under UNIX).
It is good policy to lay down naming conventions for log-in names and
UIDs/GIDs. Checks should also be made at regular intervals as to whether all
the UIDs are reasonable. For example, they should consist entirely of
numerals and not contain any invalid combinations such as 00 or 000.
The files /etc/passwd and /etc/group should not be edited using editors, as
errors can greatly impair the security of the system. Only the appropriate
administration tools should be used, although these are highly system-specific.
Additional controls:
- What procedures are used to allocate IDs?
- Are the /etc/passwd and /etc/group files regularly checked for consistency?
- Does the UID field in /etc/passwd really contain numerals?
- Are all UIDs reasonable?
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000